﻿
Partial Class Admin_Manager
    Inherits System.Web.UI.Page
    Public Shared Function MD5(ByVal strSource As String, ByVal Code As Int16) As String
        '这里用的是ascii编码密码原文，如果要用汉字做密码，可以用UnicodeEncoding，但会与ASP中的MD5函数不兼容 
        Dim dataToHash As Byte() = (New System.Text.ASCIIEncoding).GetBytes(strSource)
        Dim hashvalue As Byte() = CType(System.Security.Cryptography.CryptoConfig.CreateFromName("MD5"), System.Security.Cryptography.HashAlgorithm).ComputeHash(dataToHash)
        Dim i As Integer
        Select Case Code
            Case 16 '´选择16位字符的加密结果 
                For i = 4 To 11
                    MD5 += Hex(hashvalue(i)).ToLower
                Next
            Case 32 ' ´选择32位字符的加密结果 
                For i = 0 To 15
                    MD5 += Hex(hashvalue(i)).ToLower
                Next
            Case Else ' ´Code错误时，返回全部字符串，即32位字符 
                For i = 0 To hashvalue.Length - 1
                    MD5 += Hex(hashvalue(i)).ToLower
                Next
        End Select
    End Function
    Function EncodeBase64(ByVal StrA)
        Dim BufferA As Byte()
        BufferA = System.Text.Encoding.Default.GetBytes(StrA)
        Dim StrB As String
        StrB = Convert.ToBase64String(BufferA)
        EncodeBase64 = StrB
    End Function
    Function DecodeBase64(ByVal StrA)
        DecodeBase64 = Encoding.GetEncoding("gb2312").GetString(Convert.FromBase64String(StrA))
    End Function
    Function EncodePassWord(ByVal StrA)
        EncodePassWord = mid(MD5(StrA, 32), 11, 13)
        EncodePassWord = mid(MD5(EncodePassWord, 32), 11, 13)
        EncodePassWord = EncodeBase64(EncodePassWord)
        EncodePassWord = replace(EncodePassWord, "=", "MdIO9")
    End Function
    Function getstr(ByVal iRemote)
        Dim xPost, sGet
        iRemote = iRemote
        xPost = SERVER.CreateObject("msxml2.serverxmlhttp") 'msxml2.serverxmlhttp
        xPost.Open("GET", iRemote, False)
        xPost.setrequestheader("referer", "http://taoke.alimama.com/spreader/search_auction.htm")
        xPost.Send()
        sGet = CreateObject("ADODB.Stream")
        sGet.Mode = 3
        sGet.Type = 1
        sGet.Open()
        On Error Resume Next

        sGet.Write(xPost.responseBody)
        sGet.Position = 0
        sGet.Type = 2
        sGet.Charset = "gb2312" ' "gb2312"
        getstr = sGet.ReadText
    End Function
    Function EditAdmin()
        Dim connstr, conn, rs, header, Footer
        connstr = ConfigurationSettings.AppSettings("SQLConnString") & """" & Server.MapPath(".") & "\..\" & ConfigurationSettings.AppSettings("dbPath") & """"
        conn = Server.CreateObject("ADODB.Connection")
        conn.open(connstr)
        rs = Server.CreateObject("adodb.recordset")
        rs.open("select *  from [Admin^] where Admin_Id=" & int(request("id")), conn, 1, 3)
        If Not rs.eof Then
            If request("Username") <> "" Then
                rs("Admin_UserName").value = request("Username")
            End If
            If request("Password") <> "" Then
                rs("Admin_UserPass").value = EncodePassWord(request("Password"))
            End If
            rs.update()
        End If
        response.Write(rs("Admin_Id").value & "|Ok" & "|" & rs("Admin_UserName").value)
        rs.close()
        conn.close()
        response.end()
    End Function
    Function DelAdmin()
        Dim connstr, conn, rs, header, Footer
        connstr = ConfigurationSettings.AppSettings("SQLConnString") & """" & Server.MapPath(".") & "\..\" & ConfigurationSettings.AppSettings("dbPath") & """"
        conn = Server.CreateObject("ADODB.Connection")
        conn.open(connstr)
        rs = Server.CreateObject("adodb.recordset")
        rs.open("select *  from [Admin^]", conn, 1, 3)
        If rs.recordcount = 1 Then
            rs.close()
            conn.close()
            response.Write("Error|Delete")
            response.end()
        End If
        rs.close()
        rs.open("select *  from [Admin^] where Admin_Id=" & int(request("id")), conn, 1, 3)

        If Not rs.eof Then
            rs.delete()
            rs.update()
        End If
        rs.close()
        conn.close()
        response.Write(int(request("id")) & "|Delete")
        response.end()
    End Function
    Function AddAdmin()
        If request("Username") = "" Or request("Password") = "" Then
            Response.Write("<script language=javascript>alert('您输入的信息不完整！');this.location.href='Admin_Manager.aspx';</script>")
            Response.end()
        End If
        Dim connstr, conn, rs, header, Footer
        connstr = ConfigurationSettings.AppSettings("SQLConnString") & """" & Server.MapPath(".") & "\..\" & ConfigurationSettings.AppSettings("dbPath") & """"
        conn = Server.CreateObject("ADODB.Connection")
        conn.open(connstr)
        rs = Server.CreateObject("adodb.recordset")
        rs.open("select *  from [Admin^] where Admin_UserName='" & replace(request("Username"), "'", "''") & "'", conn, 1, 3)
        If rs.eof Then
            rs.addnew()
            rs("Admin_UserName").value = replace(request("Username"), "'", "''")
            rs("Admin_UserPass").value = EncodePassWord(request("Password"))
            rs.update()
        Else

            Response.Write("<script language=javascript>alert('该管理员账号已经存在！');this.location.href='Admin_Manager.aspx';</script>")
        End If
        rs.close()
        conn.close()
        response.Redirect("Admin_Manager.aspx")
        response.end()
    End Function
    Function PassPortCheck()
        Dim connstr, connA, rsA
        connstr = ConfigurationSettings.AppSettings("SQLConnString") & """" & Server.MapPath(".") & "\..\" & ConfigurationSettings.AppSettings("dbPath") & """"
        connA = Server.CreateObject("ADODB.Connection")
        connA.open(connstr)
        Dim Admin_UserName, Admin_UserPass
        Admin_UserName = replace(Request.Cookies("TaoddAdmin").value, "'", "''")
        Admin_UserPass = replace(Request.Cookies("TaoddPassWord").value, "'", "''")
        rsA = Server.CreateObject("adodb.recordset")
        rsA.open("select * from [admin^] where Admin_UserName='" & Admin_UserName & "' and Admin_UserPass='" & Admin_UserPass & "'", connA, 1, 3)
        If rsA.eof Then
            Response.Redirect("login.aspx")
        End If
        connA.close()
        connA = Nothing
    End Function


    Function LoadFile(ByVal File)
        Dim objStream
        On Error Resume Next
        objStream = Server.CreateObject("ADODB.Stream")
        If Err.Number = -2147221005 Then

            Err.Clear()
            Response.End()
        End If
        With objStream
            .Type = 2
            .Mode = 3
            .Open()
            .LoadFromFile(Server.MapPath(File))
            If Err.Number <> 0 Then
                Err.Clear()
                Response.End()
            End If
            .Charset = "GB2312"
            .Position = 2
            LoadFile = .ReadText
            .Close()
        End With
        objStream = Nothing
    End Function

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        If Request.Cookies("TaoddAdmin") Is Nothing Or Request.Cookies("TaoddPassWord") Is Nothing Then
            Response.Redirect("login.aspx")
        Else
            PassPortCheck()
        End If

        If request("Action") = "UpDate" Then
            EditAdmin()
        End If
        If request("Action") = "Delete" Then
            DelAdmin()
        End If
        If request("Action") = "add" Then
            AddAdmin()
        End If
    End Sub
End Class
